Media Access Control (MAC) Security (MACSEC or MACsec), defined in the IEEE 802.1AE standard, is a connectionless secure communication protocol that was initially defined for Open Systems Interconnection (OSI) layer 2 (L2) point-to-point security between two devices. Existing MACsec typically encrypts all of the data in an Ethernet frame except for a MAC source address (SA) and a MAC destination address (DA). Therefore, existing MACsec is primarily suited for local area network (LAN)/Ethernet environments. To provide MACsec services over a Wide Area Network (WAN), service providers (SPs) offer layer 2 transparent services such as Ethernet private line (E-Line) or E-LAN using various transport layer protocols, such as Ethernet over Multiprotocol Label Switching (EoMPLS) and Layer 2 Tunneling Protocol Version 3 (L2TPv3). A limitation of MACsec across a WAN is that all information except for the source and destination MAC addresses and the MACsec header are encrypted, which means a service provider can only offer port based services. Therefore, it is not possible to offer multiple E-LINE or E-LAN services on a single port, unless the service provider provides layer 2 Virtual LAN (VLAN) services. Internet Protocol Security (IPsec) may be used to encrypt Internet Protocol (IP) packets; however IPsec-based encryption devices add substantial overhead and cannot keep up with line operating rates.